extend ILDAPProvider to allow reading arbitrary ldap attributes for users

Signed-off-by: Robin Appelman <robin@icewind.nl>
Robin Appelman 2021-01-14 16:51:13 +01:00 committed by backportbot[bot]
parent 24a7772d6c
commit b38149edaa
2 changed files with 59 additions and 18 deletions


@ -306,4 +306,35 @@ class LDAPProvider implements ILDAPProvider, IDeletionFlagSupport {
}
return $this->groupBackend->getLDAPAccess($gid)->getConnection()->getConfiguration()['ldap_group_member_assoc_attribute'];
}
/**
* Get an LDAP attribute for a nextcloud user
* @param string $uid the nextcloud user id to get the attribute for
* @param string $attribute the name of the attribute to read
* @return string|null
* @throws \Exception if user id was not found in LDAP
*/
public function getUserAttribute(string $uid, string $attribute): ?string {
if (!$this->userBackend->userExists($uid)) {
throw new \Exception('User id not found in LDAP');
}
$access = $this->userBackend->getLDAPAccess($uid);
$connection = $access->getConnection();
$key = $uid . "::" . $attribute;
$cached = $connection->getFromCache($key);
if ($cached !== null) {
return $cached;
}
$value = $access->readAttribute($access->username2dn($uid), $attribute);
if (is_array($value) && count($value) > 0) {
$value = current($value);
} else {
return null;
}
$connection->writeToCache($key, $value);
return $value;
}
}
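Review bot: In getUserAttribute the result of `$access->username2dn($uid)` is handed straight to `readAttribute()` without a check; if it can return false for a user that exists but has no DN mapping (worth confirming against the Access class), the read runs against an invalid DN and the caller gets null instead of an error. Resolving it first makes that case explicit: `$dn = $access->username2dn($uid);` followed by `if ($dn === false) { throw new \Exception('User DN not found in LDAP'); }`. Separately, `$attribute` is forwarded as-is and the value is written to the connection cache under `$uid . "::" . $attribute`, so the method exposes whatever the bind account is allowed to read; the docblock should state that callers must pass a fixed attribute name and never one taken from request input.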


@ -157,4 +157,14 @@ interface ILDAPProvider {
* @since 13.0.0
*/
public function getLDAPGroupMemberAssoc($gid);
/**
* Get an LDAP attribute for a nextcloud user
* @param string $uid the nextcloud user id to get the attribute for
* @param string $attribute the name of the attribute to read
* @return string|null
* @throws \Exception if user id was not found in LDAP
* @since 22.0.0
*/
public function getUserAttribute(string $uid, string $attribute): ?string;
}
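Review bot: The `@return string|null` line on getUserAttribute does not say when null is returned, so an implementer or caller of the interface cannot tell a missing attribute from an empty one. Going by the implementation in this commit, which takes `current($value)` and returns null for an empty result, the line could read `@return string|null the first value of the attribute, or null if the user has no value for it`. The commit was applied by backportbot, so `@since 22.0.0` may not match the release this branch ships in and is worth checking.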